Application No.: 10/054,307 

Amendments to the Claims: 

Please amend claim(s) 1, 4, 7, 14, 16, 18, and 25-29. 

This listing of claims will replace all prior versions, and listings, of claims in the 
application. 

Listing of Claims: 

1 . (Currently Amended) A system for performing penetration testing of a target 
computer network by installing a remote agent in a target host of the target computer 
network, the system comprising: 

a local agent provided in a console and configured to receive and execute 
commands; 

a user interface provided in the console and configured to send commands to and 
receive information from the local agent, process the information, and present the 
processed information; 

a database configured to store the information received from the local agent; 

a network interface connected to the local agent and configured to communicate 
via a network with the remote agent installed in the target host of the target computer 
network; 

means for providing system calls for the target host; and 

security vulnerability exploitation modules for execution by the local agent and/or 
the remote agent, 
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wh e r e in the remote agent further comprising compris e s at least on e of: a system- 
calls proxy server configured to receive and execute, in the target host, the_system calls 
received via the network , and a virtual machin e configur e d to e x e cute, in th e targ e t host, 
scripting language instructions receiv e d via th e n e twork . 

2. (Original) The system of claim 1, wherein the user interface enables a user to 
select one of the modules and initiate execution of the selected module on either the local 
agent or the remote agent. 

3. (Original) The system of claim 1, wherein the user interface provides a 
graphical representation of the target computer network. 

4. (Currently Amended) A method for performing penetration testing of a target 
computer network, comprising: 

installing a remote agent in a target host of the target computer network; 
executing a command using a local agent provided in a console; 
receiving information from the local agent in a user interface provided in the 
console; 

presenting the information received from the local agent to a user; 

storing the information received from the local agent in a database; 
communicating via a network with the remote agent installed in the target host of the 
target computer network; [[and]] 

providing system calls for the target host; 
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providing security vulnerability exploitation modules for execution by the local 
agent and/or the remote agent[[,]]; and 

receiving and executing the system calls in the target host, where the system calls 
are received and executed by a system-calls proxy server located in the remote agent, and 
where the system calls are received via the network. 

whoroin th e r e mot e agent compris e s at l e ast on e of: a system calls proxy s e rv e r 
configur e d to rec e iv e and e x e cut e , in th e targ e t host, syst e m calls r e ceived via th e 
n e twork, and a virtual machin e configured to execut e , in th e targ e t host, scripting 
languag e instructions receiv e d via the network. 

5. (Original) The method of claim 4, further comprising: 
selecting, using the user interface, one of the modules; and 

initiating execution of the selected module on either the local agent or the remote 

agent. 

6. (Original) The method of claim 4, further comprising providing a graphical 
representation of the target computer network using the user interface. 

7. (Currently Amended) Computer code embodied in a computer-readable 
medium for performing penetration testing of a target computer network, the computer 
code comprising code for: 

installing a remote agent in a target host of the target computer network; 
executing a command using a local agent provided in a console; 
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receiving information from the local agent in a user interface provided in the 
console; 

presenting the information received from the local agent to a user; 
storing the information received from the local agent in a database; 
communicating via a network with the remote agent installed in the target host of 
the target computer network; 

providing system calls for the target host; and 

providing security vulnerability exploitation modules for execution by the local 
agent and/or the remote agent, 

wher e in the remote agent further comprising compris e s at l e ast on e of: a system- 
calls proxy server configured to receive arid execute, in the target host, the system calls 
received via the network , and a virtual machin e configur e d to e x e cut e , in th e targ e t host, 
scripting languag e instructions r e c e iv e d via th e n e twork . 

8. (Original) The computer code of claim 7, further comprising code for: 
selecting, using the user interface, one of the modules; and 

initiating execution of the selected module on either the local agent or the remote 

agent. 

9. (Original) The computer code of claim 7, further comprising code for 
providing a graphical representation of the target computer network using the user 
interface. 
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10. (Previously Presented) An agent embodied in a computer-readable medium 
for use in a system for performing penetration testing of a target computer network 
having a target host, the agent comprising: 

a system-calls proxy server configured to receive and execute, in the target host, 
system calls received via a network; and 

a virtual machine configured to execute, in the target host, scripting language 
instructions received via the network, 

wherein the system calls received via the network are routed to the system-calls 
proxy server and the scripting language instructions received via the network are routed 
to the virtual machine. 

1 1 . (Previously Presented) The agent of claim 1 0, further comprising an 
execution engine configured to control the system-calls proxy server and the virtual 
machine, wherein the system calls and the scripting language instructions are routed to 
the system-calls proxy server and the virtual machine, respectively, by the execution 
engine. 

12. (Original) The agent of claim 11, further comprising a remote procedure call 
module configured to receive commands from the network formatted in a remote 
procedure call protocol and pass the commands to the execution engine. 
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13. (Previously Presented) An agent embodied in a computer-readable medium 
for use in a system for performing penetration testing of a target computer network, 
having a target host, the agent comprising: 

a system-calls proxy server configured to receive and execute, in the target host 
system calls received via a network; 

a virtual machine configured to execute, in the target host, scripting language 
instructions received via the network; 

a secure communication module configured to provide secure communication 
between the virtual machine and the network; 

an execution engine configured to control the system-calls proxy server and the 
virtual machine, wherein the system calls and the scripting language instructions are 
routed to the system-calls proxy server and the virtual machine, respectively, by the 
execution engine; 

a remote procedure call module configured to receive commands via the network 
formatted in a remote procedure call protocol and pass the commands to the execution 
engine; and 

a second secure communication module configured to provide secure 
communication between the remote procedure call module and the network. 

14. (Currently Amended) A method for performing penetration testing of a target 
network, comprising the steps of: 
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executing a first module in a console having a user interface, the first module 
being configured to exploit a security vulnerability in a first target host of the target 
network; 

installing a first remote agent in the first target host, the first remote agent being 
configured to communicate with the console and a second remote agent; and 

executing a second module in the first remote agent, the second module being 
configured to exploit a security vulnerability in a second target host of the target network; 
and 

providing system calls for the first target host , 

the wh e r e in first remote agent further comprising compris e s at least on e of: a 
system-calls proxy server configured to receive and execute, in the target host, th^system 
calls received via the network , and a virtual machin e configur e d to e x e cute, in th e target 
host, scripting languag e instructions r e ceiv e d via th e n e twork . 

15. (Original) The method of claim 14, further comprising installing a second 
remote agent in the second target host of the target network, the second remote agent 
being configured to communicate with the first remote agent. 

16. (Currently Amended) % system for performing penetration testing of a target 
network, comprising: 

a console having a user interface; 

a first module configured to execute in the console to exploit a security 
vulnerability in a first target host of the target network; 
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a first remote agent installed in the first target host, the first remote agent being 
configured to communicate with the console and a second remote agent; and 

a second module configured to execute in the first remote agent to exploit a 
security vulnerability in a second target host of the target network ; and 

means for providing system calls, 

wh e rein the first remote agent further comprising compris e s at l e ast on e of: a 
system-calls proxy server configured to receive and execute, in the target host, the 
system calls received via the network , and a virtual machine configur e d to e x e cut e , in th e 
target host, scripting languag e instructions receiv e d via th e n e twork . 

17. (Original) The system of claim 16, further comprising a second remote agent 
installed in the second target host of the target network, the second remote agent being 
configured to communicate with the first remote agent. 

18. (Currently Amended) Computer code embodied in a computer readable 
medium for performing penetration testing of a target network, the computer code 
comprising code for: 

executing a first module in a console having a user interface, the first module 
being configured to exploit a security vulnerability in a first target host of the target 
network; 

. ■ • ,\ 

installing a first remote agent in the first target host, the first remote agent being 
configured to communicate with the console and a second remote agent; and 
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executing a second module in the first remote agent, the second module being 
configured to exploit a security vulnerability in a second target host of the target network; 
and providing system calls for the first target host 

wh e r e in the first remote agent further comprising comprises at least on e of: a 
system-calls proxy server configured to receive and execute, in the target host, the_system 
calls received via the network , and a virtual machin e configur e d to e x e cut e , in the targ e t 
host, scripting language instructions r e ceiv e d via the n e twork . 

19. (Original) The computer code of claim 18, further comprising code for 
installing a second remote agent in the second target host of the target network, the 
second remote agent being configured to communicate with the first remote agent. 

20. (Previously Presented) A method for performing penetration testing of a 
target network, comprising the steps of: 

executing a first module to exploit a security vulnerability of a first target host of 
the target network; 

installing a first remote agent in the first target host as a result of exploiting the 
security vulnerability of the first target host; 

sending a system call to the first remote agent via a network; and 

executing the system call in the first target host using a system-calls proxy server 
of the first remote agent to exploit a security vulnerability of a second target host,. 

wherein the system call comprises a computer instruction that is executed in an 
operating system of the first target host. 
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2 1 . (Previously Presented) A method for performing penetration testing of a 
target network, comprising the steps of: 

executing a first module to exploit a security vulnerability of a first target host of 
the target network; 

installing a first remote agent in the first target host as a result of exploiting the 
security vulnerability of the first target host; 

executing in the first remote agent a second module that generates a system call; 

and 

executing the system call in the first target host to exploit a security vulnerability 
of a second target host, 

wherein the system call comprises a computer instruction that is executed in an 
operating system of the first target host. 

22. (Previously Presented) A method for performing penetration testing of a 
target network, comprising the steps of: 

executing a first module to exploit a security vulnerability of a first target host of 
the target network; 

installing a first remote agent in the first target host as a result of exploiting the 
security vulnerability of the first target host; 

executing a second module in the first remote agent that generates a system call; 

installing a second remote agent in a second target host as a result of exploiting a 
security vulnerability of the second target host; 
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sending the system call generated by the second module to the second remote 
agent via a network; and 

executing the system call in the second target host using a system-calls proxy server of 
the second remote agent, 

wherein the system call comprises a computer instruction that is executed in an 
operating system of the second target host. 

23. (Previously Presented) A method for performing penetration testing of a 
target network, comprising the steps of: 

executing a first module to exploit a security vulnerability of a first target host of 
the target network; 

installing a first remote agent in the first target host as a result of exploiting the 
security vulnerability of the first target host; 

installing a second remote agent in the second target host as a result of exploiting 
a security vulnerability of the second target host; ' 

sending a system call to the first remote agent; 

sending the system call from the first remote agent to the second remote agent; 

and 

executing the system call in the second target host using a system-calls proxy 
server of the second remote agent, 

wherein the system call comprises a computer instruction that is executed in an 
operating system of the second target host. 
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24. (Previously Presented) A method for performing penetration testing of a 
target network, comprising the steps of: 

installing a first remote agent in a first target host of the target network, the first 
remote agent having a system-calls proxy server configured to receive and execute 
system calls; 

executing in the first remote agent a system call received via a network, the 
system call comprising a computer instruction that is executed in an operating system of 
the first target host; 

installing a second remote agent in the first target host, the second remote agent 
having a system-calls proxy server configured to receive and execute system calls and a 
virtual machine configured to execute scripting language instructions; and 

executing in the second remote agent a scripting language instruction or a system 
call received via the network. 

25. (Currently Amended) Computer code embodied in a computer readable 
medium for performing penetration testing of a target network, the code comprising code 
for: 

executing a first module to exploit a security vulnerability of a first target host of 
the target network; 

installing a first remote agent in the first target host as a result of exploiting the 
security vulnerability of the first target host; 

sending a system call to the first remote agent via a network; and 
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executing the system call in the first target host using a system-calls proxy server 
of the first remote agent to exploit a security vulnerability of a second target host, the 
system call comprising a computer instruction that is executed in an operating system of 
the first target host. 

26. (Currently Amended) Computer code embodied in a computer readable 
medium for performing penetration testing of a target network, the code comprising code 
for: 

executing a first module to exploit a security vulnerability of a first target host of 
the target network; 

installing a first remote agent in the first target host as a result of exploiting the 
security vulnerability of the first target host; 

executing in the first remote agent a second module that generates a system call; 

and 

executing the system call in the first target host to exploit a security vulnerability 
of a second target host, the system call comprising a computer instruction that is executed 
in an operating system of the first target host. 

27. (Currently Amended) Computer code embodied in a computer readable 
medium for performing penetration testing of a target network, the code comprising code 
for: 

executing a first module to exploit a security vulnerability of a first target host of 
the target network; 
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installing a first remote agent in the first target host as a result of exploiting the 
security vulnerability of the first target host; 

executing a second module in the first remote agent that generates a system call; 

installing a second remote agent in the second target host as a result of exploiting 
a security vulnerability of the second target host; 

sending the system call generated by the second module to the second remote 
agent via a network; and 

executing the system call in the second target host using a system-calls proxy 
server of the second remote agent, the system call comprising a computer instruction that 
is executed in an operating system of the second target host. 

28. (Currently Amended) Computer code embodied in a computer readable 
medium for performing penetration testing of a target network, the code comprising code 
for: 

executing a first module to exploit a security vulnerability of a first target host of 
the target network; 

installing a first remote agent in the first target host as a result of exploiting the 
security vulnerability of the first target host; 

installing a second remote agent in the second target host as a result of exploiting 
a security vulnerability of the second target host; 

sending a system call to the first remote agent; 

sending the system call from the first remote agent to the second remote agent; 

and 
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executing the system call in the second target host using a system-calls proxy 
server of the second remote agent, the system call comprising a computer instruction that 
is executed in an operating system of the second target host. 

29. (Currently Amended) Computer code embodied in a computer readable 
medium for performing penetration testing of a target network, the code comprising code 
for: 

installing a first remote agent in the first target host, the first remote agent having 
a system-calls proxy server configured to receive and execute system calls; 

executing in the first remote agent a system call received via a network, the 
system call comprising a computer instruction that is executed in an operating system of 
the first target host; 

installing a second remote agent in the first target host, the second remote agent 
having a system-calls proxy server configured to receive and execute system calls and a 
virtual machine configured to execute scripting language instructions; and 

executing in the second remote agent a scripting language instruction or a system 
call received via the network. 
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